Don't mix real tabs with tabs expanded as 8 spaces -- that's
a pain to read when using 4-space tabs.

Don't use NULL-pointer :-/

Comment about bug.

Let ssl_get_prev_session reliably work in multi-threaded settings.

Avoid memory hole when we don't like the session proposed by the client

Additional, more descriptive error message for rejection of a session ID
because of missing session ID context (so that application programmers
are directly pointed to what they should do dif

Additional, more descriptive error message for rejection of a session ID
because of missing session ID context (so that application programmers
are directly pointed to what they should do differently).

show more ...

New structure type SESS_CERT used instead of CERT inside SSL_SESSION.
While modifying the sources, I found some inconsistencies on the use of
s->cert vs. s->session->sess_cert; I don't know i

New structure type SESS_CERT used instead of CERT inside SSL_SESSION.
While modifying the sources, I found some inconsistencies on the use of
s->cert vs. s->session->sess_cert; I don't know if those could
really have caused problems, but possibly this is a proper bug-fix
and not just a clean-up.

show more ...

No actual change, but the cert_st member of struct ssl_session_st is now
called sess_cert instead of just cert. This is in preparation of further
changes: Probably often when s->session->ses

No actual change, but the cert_st member of struct ssl_session_st is now
called sess_cert instead of just cert. This is in preparation of further
changes: Probably often when s->session->sess_cert is used, we should
use s->cert instead; s->session->sess_cert should be a new structure
containing only the stuff that is for just one connection (e.g.
the peer's certificate, which the SSL client implementations currently
store in s->session->[sess_]cert, which is a very confusing thing to do).
Submitted by:
Reviewed by:
PR:

show more ...

Add "static" to function definition

Submitted by: Anonymous
Reviewed by:
PR:

Submitted by:
Reviewed by:
PR:

Fix a couple of cases where an attempt is made to lock an already locked
mutex.

Remove NOPROTO definitions and error code comments.

Change #include filenames from <foo.h> to <openssl.h>.

Submitted by:
Reviewed by:
PR:

Change functions to ANSI C.

Fix some warnings. Contributed by Anonymous.

Add type-safe STACKs and SETs.

New option "-showcerts" for s_client

Slight cleanup in ssl/

Fix security hole.

Add support for new TLS export ciphersuites.

Updates to the new SSL compression code
[Eric A. Young, (from changes to C2Net SSLeay, integrated by Mark Cox)]

Fix so that the version number in the master secret, when passed

Updates to the new SSL compression code
[Eric A. Young, (from changes to C2Net SSLeay, integrated by Mark Cox)]

Fix so that the version number in the master secret, when passed
via RSA, checks that if TLS was proposed, but we roll back to SSLv3
(because the server will not accept higher), that the version number
is 0x03,0x01, not 0x03,0x00
[Eric A. Young, (from changes to C2Net SSLeay, integrated by Mark Cox)]

Submitted by:
Reviewed by:
PR:

show more ...

Accept NULL in *_free.

Import of old SSLeay release: SSLeay 0.9.1b (unreleased)

Import of old SSLeay release: SSLeay 0.9.0b

Import of old SSLeay release: SSLeay 0.8.1b